Addressed safety issues up to 2025-10-27

andy-maier · andy-maier · commit bf0ac49c8dfa · 2025-10-27T22:24:30.000+01:00
Signed-off-by: Andreas Maier &lt;andreas.r.maier@gmx.de&gt;
diff --git a/.safety-policy-develop.yml b/.safety-policy-develop.yml
@@ -28,6 +28,8 @@ security:
             reason: The py package is no longer being fixed (latest version 1.11.0)
         70612:
             reason: Disputed issue in jinja2 version 3.1.3 - No known fix
+        79756:
+            reason: Fixed authlib version 1.6.4 requires Python>=3.9 and is used there
 
     # Continue with exit code 0 when vulnerabilities are found.
     continue-on-vulnerability-error: False
diff --git a/.safety-policy-install.yml b/.safety-policy-install.yml
@@ -24,6 +24,8 @@ security:
     ignore-vulnerabilities:
         76752:
             reason: Fixed setuptools version 78.1.1 requires Python>=3.9 and pyproject.toml does not support python_version markers
+        79883:
+            reason: Fixed pip version 25.2 requires Python>=3.9 and is used there
 
     # Continue with exit code 0 when vulnerabilities are found.
     continue-on-vulnerability-error: False
diff --git a/base-requirements.txt b/base-requirements.txt
@@ -5,7 +5,8 @@
 # Base dependencies (must be consistent with minimum-constraints-install.txt
 # and build-system.requires in pyproject.toml)
 
-pip>=25.0
+pip>=25.0; python_version == '3.8'
+pip>=25.2; python_version >= '3.9'
 setuptools>=70.0.0
 setuptools-scm[toml]>=9.2.0
 wheel>=0.41.3
diff --git a/dev-requirements.txt b/dev-requirements.txt
@@ -26,7 +26,8 @@ safety-schemas>=0.0.14
 dparse>=0.6.4
 ruamel.yaml>=0.17.21
 click>=8.0.2
-Authlib>=1.3.1
+Authlib>=1.3.2; python_version == '3.8'
+Authlib>=1.6.5; python_version >= '3.9'
 marshmallow>=3.15.0
 pydantic>=2.8.0
 pydantic_core>=2.20.0
diff --git a/docs/changes.rst b/docs/changes.rst
@@ -16,7 +16,7 @@ Released: not yet
 
 **Bug fixes:**
 
-* Addressed safety issues up to 2025-06-29.
+* Addressed safety issues up to 2025-10-27.
 
 * Dev: Fixed issue where the package version used for distribution archive file
   names were generated inconsistently between setuptools_scm (used in Makefile)
diff --git a/minimum-constraints-develop.txt b/minimum-constraints-develop.txt
@@ -30,7 +30,8 @@ safety-schemas==0.0.14
 dparse==0.6.4
 ruamel.yaml==0.17.21
 click==8.0.2
-Authlib==1.3.1
+Authlib==1.3.2; python_version == '3.8'
+Authlib==1.6.5; python_version >= '3.9'
 marshmallow==3.15.0
 pydantic==2.8.0
 pydantic_core==2.20.0
diff --git a/minimum-constraints-install.txt b/minimum-constraints-install.txt
@@ -7,7 +7,8 @@
 
 # Base dependencies (must be consistent with base-requirements.txt)
 
-pip==25.0
+pip==25.0; python_version == '3.8'
+pip==25.2; python_version >= '3.9'
 setuptools==70.0.0
 # Note on not specifying 'setuptools-scm[toml]': Extras cannot be in constraints files
 setuptools-scm==9.2.0
